12 Active Sensors

Now that your network is segmented, you need to actively monitor it to detect suspicious activities and potential threats and take actions based on that. Your security posture won’t be fully completed if you don’t have a good detection system; this means having the right sensors distributed across the network, monitoring the activities. The Blue Team should take advantage of modern detection technologies that create a profile of the user and computer in order to better understand anomalies and deviations in normal operations. With this information, preventative actions could be taken.

In this chapter, we are going to cover the following topics:

Detection capabilities
Intrusion detection systems
Intrusion prevention systems ...

Get Cybersecurity - Attack and Defense Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cybersecurity - Attack and Defense Strategies by Yuri Diogenes, Dr. Erdal Ozkaya

12

Active Sensors

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly